Dave Johnson on open web technologies, social software and software development
I barely even update this blog, but I do update the software that powers it and I'm happy to still have the help of an awesome team of volunteers who pitch in when they want to and always when needed. Today we released Apache Roller 6.1.0, a release we had been talking about, but that was prompted by the Log4J vulnerability. See the project's blog for details.
I'm not the one making the most code changes in Roller now days, but I do help with releases. I've been spending my spare cycles hacking on BlogQL, a Node/TypeScript-based blog server with a GraphQL API and a React front-end. It's really more of an example app to help me understand those technologies, kind of like Roller was. Maybe I'll write about it someday. That's all for now.
Just a note to say that I've switched this site over to Digital Ocean Kubernetes service, which is in Limited Availability right now.
Digital Ocean's Kubernetes service is just as simple and well designed as the rest of Digital Ocean. I mentioned before that I rolled my own Kubernetes cluster via Ansible and Kubeadm. Now I can delete all those config files and that's a good thing. Plus, the price is right; I can get by with one $10/month node (1 CPU / 2 GB memory) and a $10/month load balancer.
To get this site up and running I had to deploy four things to my cluster. I installed the NGINX Ingress Controller, Cert-Manager for automatic creation of Let's Encrypt TLS certs, PostgreSQL and my custom build of Apache Roller. All of that went pretty smoothly and I didn't run into and problems that I could blame on Digital Ocean.
Just a quick note to say that I ditched Docker Swarm and now this rarely updated blog is powered by Kubernetes. Total overkill, I know. Like Roller itself, I did it as a learning exercise. I hope to blog more about what I learned by doing this. For now, here's a quick summary of what I've done so far.
Created a cluster
I created a 2-node Kubernetes cluster on Digital Ocean using some hand-crafted Ansible scripts that call
apt-get to install and
kubeadm to start Kubernetes. I considered using Typhoon to create the cluster, but I really wanted to learn how to install Kubernetes "from scratch".
Ran two Ingress Controllers
To avoid using Digital Ocean's $20/month load balancer I'm running an Nginx Ingress controller on each node, and pinning containers to nodes using labels and nodeSelectors. I had to borrow Nginx Controller setup files from the Typhoon project because I'm still kind of bewildered by Ingresses.
Deployed my containers
Next, I wrote Kubernetes YAML files for deploying my containers: a private Docker Registry, PostgreSQL and my custom Roller image. Getting the private registry working properly was the biggest challenge. I need private because I don't want to make my custom Roller image public. Next, I'll install Jenkins next for CI/CD of my custom Roller build via the Jenkins Kubernetes plugin.
Let me know if there are any aspects of this that you'd like to see covered in a blog entry, or suggestions for running the cluster without two Ingress Controllers. I've already got a post cooking about installing a TLS secured Docker Registry on Kubernetes.
I'm not motivated to write new blog entries but for some reason I was motivated to update my blog's theme. This time I decided to go with Twitter Bootstrap + jQuery. It's responsive, so to speak. What do you think? I think it takes a little too long for the banner image to load.
Latest links, favorites and photos shared elsewhere:
As you may remember, ROME Propono is a subproject of ROME, the Java-based RSS/Atom feed library. ROME Propono includes an AtomPub server library and an AtomPub client. I added OAuth support to the AtomPub client and in this post, I'll show how you can use it to post to the Roller 5.0-dev (i.e. the snapshot build that I made available yesterday).
In case you haven't already heard, thanks to the recent hard work of Nick Lothian, ROME 1.0 is now available. You can find downloads at rome.dev.java.net and a list of changes in the Change Log there. To celebrate this momentous event, I'm planning on releasing ROME Propono 1.0 as well, and in preparation, I've made a release candidate available. The new Propono includes ROME 1.0 and support for OAuth. You can get it via the links below:
rome-propono-1.0RC1.tar.gz (2.0 mb)
rome-propono-1.0RC1.zip (3 mb)
To use the Propono AtomPub client, you place the Propono jars in your Java VM classpath and then call the
AtomClientFactory to get started, as described in the ROME Propono 1.0 Javadocs.
Below is a Groovy example that shows how to post a blog entry to Roller via AtomPub and OAuth. You can get the consumer key, secret and URLs you need to call your instance of Roller from the OAuth Credentials page in the Roller admin interface.
import com.sun.syndication.propono.atom.client.* import com.sun.syndication.feed.atom.* def authStrategy = new OAuthStrategy( "roller", // username "55132608a2fb68816bcd3d1caeafc933", // consumer key "bb420783-fdea-4270-ab83-36445c18c307", // consumer secret "HMAC-SHA1", // key type "http://blogs.example.com/roller-services/oauth/requestToken", "http://blogs.example.com/roller-services/oauth/authorize", "http://blogs.example.com/roller-services/oauth/accessToken") // get the AtomPub service def appService = AtomClientFactory.getAtomService( "http://blogs.example.com/roller-services/app", authStrategy) // find workspace of my blog def blog = appService.findWorkspace("Blogging Roller") // find collecton that will accept entries def entries = blog.findCollection(null, "application/atom+xml;type=entry") // create and post an entry def entry = entries.createEntry() entry.title = "TestPost" def content = new Content() content.setValue("This is a test post. w00t!") entry.setContent([content]) entries.addEntry(entry)
If you have questions or feedback about ROME Propono 1.0 RC1, please post them to the ROME dev mail list and I'll do my best to respond there.
Over the past month or so I've been adding OAuth support to just about every open source project that I can commit to. I added OAuth support to Roller so that you can now use OAuth to protect Roller's AtomPub server and other things. I also added OAuth support to ROME Propono's AtomPub client so you can now use Propono to post to Roller (more about that later). Here's a quick overview of how OAuth in Roller works.
NOTE that this post applies to Roller 5.0, which has not yet been officially released.
If you want to use OAuth with AtomPub on your Roller site, go to the Server Admin page and find the Web Services section, enable AtomPub and specify 'oauth' as the authentication mechanism, like so:
Once you've done the setup, you'll find an OAuth Credentials link on the Roller Main Menu page, which will lead you a page like the one below showing your OAuth consumer key & secret and, if you are a site admin user, the site-wide key & secret. Currently, there's only one set of site-wide credentials; I plan to fix that.
Of course, those aren't my real keys. You'll want to keep your OAuth keys secret as they can enable anybody to access your Roller account via AtomPub.
I mentioned that Roller 5.0 has not yet been released and that's true. There's still a lot of work to be done on 5.0, but that doesn't mean you can't get your hands on the code and binaries now. To make it easy, I've made an unofficial snapshot version of Roller 5.0-dev available for testing purposes only. It's what I'm running on my site. You can get it here in two flavors:
The instructions in the old Roller 4.0 installation guide should work fine, so follow them to install and configure the 5.0-dev SNAPSHOT. Please send questions and feedback to either the Roller dev mail list and I'll do my best to respond there.
You'll also need an OAuth capable AtomPub client. More on that topic tomorrow...
I'm off to ApacheCon EU 2009> tomorrow in Amsterdam to speak on the topic of Shindig for Blogs and Wikis. I'm really looking forward to catching up with my Apache friends and colleagues. That's the conference venue in the photo on the right, the Movenpick hotel (in the background behind the music hall).
I'm staying a couple of extra days, so I hope to have time for bicycling around the city as I've done in the past (see also: Flickr photo sets for 2007 and 2008). Unfortunately, the weather forecast stinks. There's a 60% chance of rain every day that I'm in town. Oh well; guess I'll have plenty of time for blogging.
Speaking of blogging.This week, I'll be posting some blog entries to highlight the work that I've done in preparation for my talk. Here's what I plan to cover:
* Monday: OAuth for AtomPub in Roller
* Tuesday: OAuth for ROME Propono
* Wednesday: SocialSite on rollerweblogger.org
* Thursday: OAuth everywhere (continued)
* Friday: the future of Project SocialSite
If you plan to attend my talk, at 4:30PM on Friday March 27, then you should follow along. Pay special attention to the SocialSite on rollerweblogger.org and OAuth everywhere (continued) posts, which will include detailed background info. I'm looking forward to seeing you there.
The day before the layoff axe fell at Sun, I blogged about my upcoming Shindig for Blogs and Wikis talk at ApacheCon EU in March. Since then, I've been working almost non-stop on finding a new gig and have had little time to work on my presentation. That's not good, because I have fairly ambitious plans for this talk. I'll explain.
I want to be able to show how to add social features including OpenSocial support to a blog server and a wiki server by using plain old Shindig and then Project SocialSite. I'm targeting Roller and JSPWiki because they're the blog and wiki source code bases that I know best right now and they're both Apache efforts, but the same techniques should work with other systems like Wordpress or Drupal. If I have time I might be able to demo those too (but I wouldn't count on it).
I'm not sure how far I can go with plain old Shindig because, like most blog and wiki servers, neither Roller nor JSPWiki has detailed profile data, social relationships or activities. I should be able to get Google Gadgets working via Shindig, but OpenSocial Gadgets will take a lot more thought and effort.
I'm much more confident in the Project SocialSite approach. SocialSite provides for storage of detailed profile information, groups, activities and app data as well as the necessary UI. I'm confident enough that I'm going to deploy it on this site. So, stay tuned. I hope to have something to show by the end of next week.
Oh, and by the way. Today is the last day to register for ApacheCon EU with the early-bird discount. So sign-up already!
It was over four years ago when I discovered that Sun was using my software, Roller, to power blogs.sun.com. I was thrilled to go to work for the company back in 2004 and what an awesome cast of characters I've gotten to work with over the years. I really enjoyed the folks I worked with on the blogs.sun.com team, the open source folks and most recently, the Glassfish team -- some of the most talented and nicest folks I've ever worked with. It's been a great four and a half years but all good things must come to an end and today is the day.
I've been swept up in the latest round of Sun layoffs. Sun has decided to disinvest in Project SocialSite and as of today I'm free and available for employment. Though I do feel some urgency due to the bad economy, Sun's layoff package is pretty good and so I have some time to figure out what comes next and no need to make hasty decisions. Whatever I end up doing, I'll be blogging it here.
Oh, and about Apache Roller and Project SocialSite? I'm not ready to give up just yet. I'll be using a little of my time to do some mentoring and to move forward plans for Roller 5.0 this spring. And I see real value in the Project SocialSite "social-enable existing web sites" concept and I'm considering ways to move that forward as well, with or without Sun. I'm still giving my talk Shindig for Blogs & Wikis in March 2009 and, actually, I'm pretty happy I have some time right now to focus on those demos and slides.
Here's the announcement from the Roller project blog:
It's been over a year since our last Roller release and we've fixed a couple dozen bugs in that time including an XSS vulnerability reported recently by Secunia.com. Now those fixes are available as an official Roller release, 4.0.1
- Bugs fixed are listed in the JIRA Issue Tracker Release Notes page.
- Updated files and docs are available via the Apache download mirror network.
This is a bug-fix only release with no new features.
Wondering what's next for Roller? I'm going to push for a Roller 5.0 release in Spring 2009, as we've got good stuff in the trunk and more on the way, but I'm going to need your help to get there. More about that later.
I'm happy to report that I'll be traveling to Copenhagen, Denmark to talk about Roller and Project SocialSite at the Open Source Days 2008 conference on Oct. 3-4 this year. I'm going to tell the story of Roller and lessons learned along the way and then talk about blogging in the age of social networks and how to social-enable Roller with the SocialSite widgets. The session is called titled The once and future Roller.
I remember how freaked-out I was to see the referrer hits start rolling in (pun fully intended) from http://blogs.sun.com/roller. I can't believe it's been four years already. Thanks to Linda for the reminder.